Topic: Random vmail password, can't use address book

Hello,

Just installed iRedMail with ldap support - excellent stuff!

But now I want to use Outlook/Thunderbird to access the address book. The problem is that the vmail LDAP user password is not the same as vmailadmin's (I read the documentation; it says that the vmail password is automatically generated). If I change the password for vmail in LDAP manually, what things in the iRedMail system will break? Is there any other bind user I can use for connecting the address book to LDAP?

Re: Random vmail password, can't use address book

Hi There,

Thanks for your prompt reply - we've already tried this with Thunderbird (using the mail user's own username/password/DN to bind), but I don't think the user has read rights to the directory. Although the users are authenticated (I think), nothing appears in the address book list for them. Here is what we are using:

Is this a problem of regular users not having rights to read other users' details/DN entries (slapd.conf)?

We didn't install RC2 since it was suggested on your site not to use it in a production system. Is it safe to use? We have already installed the stable version along with some customisations (mainly around send/receive restrictions to convert the mail server into an intranet-only server with rights to send/receive mail from the company domain only) - how troublesome/easy would it be to upgrade to RC2 (and beyond)?

#
# Set permission for LDAP attrs.
#
access to attrs="userPassword,mailForwardingAddress"
    by anonymous auth
    by self write
    by dn.exact="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk" read
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by dn.regex="mail=postmaster@([^,]+),domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk" write
    by users none

access to attrs="cn,sn,telephoneNumber"
    by anonymous auth
    by self write
    by dn.exact="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk" read
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by dn.regex="mail=postmaster@([^,]+),domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk" write
    by users read

# Domain attrs.
access to attrs="objectclass,domainName,mtaTransport,domainStatus,enabledService,domainSenderBccAddress,domainRecipientBccAddress"
    by anonymous auth
    by self read
    by dn.exact="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk" read
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by dn.regex="mail=postmaster@([^,]+),domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk" write
    by users read

# User attrs.
access to attrs="mail,accountStatus,userSenderBccAddress,userRecipientBccAddress,mailForwardingAddress,mailQuota,homeDirectory,mailMessageStore"
    by anonymous auth
    by self read
    by dn.exact="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk" read
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by dn.regex="mail=postmaster@([^,]+),domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk" write
    by users read

#
# Set ACL for vmail/vmailadmin.
#
access to dn="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk"
    by anonymous auth
    by self write
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by users none

access to dn="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk"
    by anonymous auth
    by self write
    by users none

#
# Allow users to access their own domain subtree.
#
access to dn.regex="domainName=([^,]+),o=domains,dc=intra,dc=abc-ltd,dc=co.uk$"
    by anonymous auth
    by self write
    by dn.exact="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk" read
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by dn.regex="mail=postmaster@$1,domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk$" write
    by dn.regex="mail=[^,]+,domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk$" read
    by users none

#
# Enable vmail/vmailadmin.
#
access to dn.subtree="o=domains,dc=intra,dc=abc-ltd,dc=co.uk"
    by anonymous auth
    by self write
    by dn.exact="cn=vmail,dc=intra,dc=abc-ltd,dc=co.uk" read
    by dn.exact="cn=vmailadmin,dc=intra,dc=abc-ltd,dc=co.uk" write
    by dn.regex="mail=[^,]+,domainName=$1,o=domains,dc=intra,dc=abc-ltd,dc=co.uk$" read
    by users read

#
# Set permission for "cn=*,dc=intra,dc=abc-ltd,dc=co.uk".
#
access to dn.regex="cn=[^,]+,dc=intra,dc=abc-ltd,dc=co.uk"
    by anonymous auth
    by self write
    by users none

#
# Set default permission.
#
access to *
    by anonymous auth
    by self write
    by users read
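Added example (not part of the original post, and not iRedMail or OpenLDAP code): a simplified Python model of slapd's first-match ACL evaluation, run over three clauses abridged from the configuration above, to show which bind DNs would get a user entry back in an address book search. The suffix `dc=example,dc=com`, the sample DNs and the function names are constructed for illustration; `break`/`continue` controls and search-filter access are not modelled.

```python
import re

# Constructed config: three clauses abridged from the post, placeholder suffix.
CONF = '''
access to attrs="cn,sn,telephoneNumber"
    by anonymous auth
    by self write
    by users read
access to dn.regex="domainName=([^,]+),o=domains,dc=example,dc=com$"
    by anonymous auth
    by self write
    by dn.regex="mail=[^,]+,domainName=$1,o=domains,dc=example,dc=com$" read
    by users none
access to *
    by anonymous auth
    by self write
    by users read
'''

def parse(conf):
    """Split slapd.conf ACL text into (what-kind, what-value, [(who, pattern, level)])."""
    rules = []
    for stmt in re.split(r"\n(?=access to )", conf.strip()):
        kind, val = re.match(r'access to (\S+?)(?:="([^"]*)")?\s', stmt).groups()
        whos = re.findall(r'by (\w[\w.]*)(?:="([^"]*)")? +(\w+)', stmt)
        rules.append((kind, val, whos))
    return rules

def access(rules, bind_dn, entry_dn, attr):
    """Level granted by the first matching clause and its first matching <who>."""
    for kind, val, whos in rules:
        m = re.search(val, entry_dn, re.I) if kind == "dn.regex" else None
        if (kind == "dn.regex" and not m) or (
                kind == "attrs" and attr.lower() not in val.lower().split(",")):
            continue
        for who, pat, level in whos:
            for i, g in enumerate(m.groups() if m else (), 1):  # expand $1
                pat = pat.replace(f"${i}", re.escape(g))
            if ((who == "anonymous" and not bind_dn) or (who == "users" and bind_dn)
                    or (who == "self" and bind_dn.lower() == entry_dn.lower())
                    or (who == "dn.regex" and bind_dn and re.search(pat, bind_dn, re.I))):
                return level
        return "none"  # no <who> matched: implicit "by * none"
    return "none"      # no clause matched

def returned(rules, bind_dn, entry_dn, attr):
    """A search returns attr only with read on it and on the 'entry' pseudo-attribute."""
    need = {access(rules, bind_dn, entry_dn, a) for a in ("entry", attr)}
    return need <= {"read", "write"}
```

In this model a user bound with a DN in the same `domainName` subtree gets `cn` back, while a user from another domain has read on `cn` but `none` on `entry`, so nothing is returned. On a live server, OpenLDAP's `slapacl` tool tests a bind DN against the real configuration.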

Re: Random vmail password, can't use address book

Hi, neo_x.

I tested the settings again; it works for me here, and your ACL is correct.

After you set the parameters, you can try to compose a new mail, make the address book show in the left sidebar of the composing window, choose the LDAP address book you set up before and search for a user; it will show you the results.

Re: Random vmail password, can't use address book

Hi,

I am using the Tools -> AddressBook option to create and search through the address book. Nothing is changed except the Manager CN. No results are returned, as you can see in the LDAP logs. There might be some misconfiguration elsewhere. Is there any other way we can troubleshoot this? What about creating a user in LDAP (slapd.conf) just for accessing the address book, just like vmail?